when I try to su - into root to do some stuff, I just get "su: Sorry" anyone have any ideas?

you're not in wheel

Are you in the wheel group?
Are you entering in the right password?

I'm also receiving the message that the user is not part of the Wheel group. So, do I need to add the user to the wheel group?

Thnx.

ok, to be clear. If you want a user to be able to su to root, that user needs to be added to the wheel group in /etc/group after the root entry. Each entry is merely usernames separated by commas:

wheel:*:0:root,user1,user2

simple enough, thanks Minion

sudo is simpler and safer. at least thats my opinion.

uhhh.. metion of all these groups kinda leaves me confused... could someone gime me a desciption of the groups in FreeBSD 5.0? that would likely explain why I can't seem to mount any drives as any user other than root...

mounting has nothing to do with root, imagine if a user just because he's in a group could do umount /dev/hda1 (/) and mount /dev/hda2 (evil h4x0red partition), it would be bad =).

to mount a drive as a normal user that user needs to be in the operator group and have a sysctl or vfs.usermount=1 and the device needs to be 666 permissions

ah, now I actually have to learn how to set permissions and all that junk... if only I knew what the different permissions were...

Just think this, 4 is read, 2 is write, and 1 is exec, there are other more in depth things but you don't need to know those yet (ie sticky and S[UG]ID). You can also use something like chmod u+x /home/blah as well.

I find it easy to remember this way.

Let's say you have something like:

rwxr-xr-- root:freebsdgroup filename

r = read w = write x = execute

Each group of there is an octal bit (base8). It's just like binary really. Just look at the three as they were in binary format, and add them to get your octal bit.

The 1st group is the Owner's permissions. The 2nd group is the Group's permissions, and the 3rd is the World's (everyone) permissions.

Owner:

rwx
421 = 7

Group:

r-x
4-1 = 5

World:

r--
4-- = 4

So to get a permission like that you would do a 'chmod 754 filename'

Some more.

rw-
42- = 6

--x
--1 = 1

Hope that helps. :wink:

U = User G = Group O = Other (not U or G)

Triplet for u: rwx => 4 + 2 + 1 = 7
Triplet for g: r-x => 4 + 0 + 1 = 5
Tripler for o: r-x => 4 + 0 + 1 = 5
Which makes : 755

-U- --G-- --O--

-rwxr-xr-x 1 nick users 382 Jan 19 11:49
-drwxr-xr-x 3 nick users 1024 Jan 19 11:19 lib/
-rwxr-xr-x 1 nick users 1874 Jan 19 10:23 socktest.pl


all goes by 4 2 1

If your not confuesed enough already, Ill be glad to explain the umask command
8)

If your not confuesed enough already, Ill be glad to explain the umask command

:lol:

Ok, with the umask command you can specify the default mode for newly created files and directories. The easiest way to figure out what umask to use, is to take the octal number and subtract it from 777.

So, if you wanted all new files to be created in your directory as 754 , subtrack that from 777, 777-754=023.

A default mode of 755 would be 777-755 = 022. This is the default umask on most systems as far as I know.


There are also other special modes you can set on premissions as well.

t = sticky bit Keeps executable in memory after exit.
s = suid bit set process ID on execution
s = sgid bit set process group ID on execution
l = file locking Set mandatory file locking on reads/writes (sysV only)

To set this you can do it many different ways as well. Lets say i want to set uid on a file, you can do one of the following..

chmod u+s filename
or, if the file was 755 and you want to suid it, you can also do chmod 4755 to accomplish the same thing.

Another thing to note: The permissions mean different things on files and directories.

Meaning of permissions on files:

r view file contents
w alter file contents
x run executable file

Meaning on directories:

r search directory contents (ls)
w alter directory contents (add/delete files in it)
x make it your currnet directory (cd to it)

so, in a nutshell we got the following:

if you have read access you can see whats in the file.
if you have write access, you can change whats in it.
if you have execute acccess, you can run it.
To run a script, you need both read and execute permissions, since the shell needs read permissions to run it.
Running a compiled program doesnt need read access though.

s is SUID
S is SGID

Or my font may just be to small :lol:

actually they are both little 's'

just depends on what part of permissions you see them in...


rwsr-xr-x is suid to owner

rwxr-sr-x is sgid to group

uhhh... yes... wait! I'm COMPLETELY LOST! you tell me -rwxr-xwr--- and then chmod 666? what? math equations... that is just needless complication... I give you credit for trying... but crap! I'm LOST!

ok, given rwxr-xr-x
r = 4
w = 2
x = 1

its split into 3 octets. one for owner, group, and world

first set is rwx = 4+2+1 = 7
2nd set is 4+1 = 5
3rd set is 4+1 = 5

so, rwxr-xr-x = 755

not to say the tutorial here is insufficient -- it looks great (well, I know what the hell hes saying, so I get it no matter what) but midnight commander (mc) has a chmod tool that has checkboxes for each individual operation. I used that to learn the octets, and how they were impcted by the ... longhand (rwxrwx--- ... that notation) notation. It changes in real time. May be handy. Dunno offhand if any GUI tools in KDE or GNOME will show you the ocatl notation in realtime. I am sure that nautilus does, dunno about KDE.

BUt to recap what was said ...

you got a longhand notation of (owner/group/world)

r-xr-xr-x

allright -- what we want to see it as is this :

r-x r-x r-x

note the separation. treat each now as a bianry number so the permissions now would be :

101 101 101

Now convert each to decimal, treating the first number as 4, second as 2 and the final as 1. That gives us :

4+1 4+1 4+1

Now we condense that to :

555

That is the octal permission notation of r-xr-xr-x. Hopefully you can use that and see how it works using a gui tool and watch how the changes apply to each bit.

somehow i think i know what my next tutorial will be on...

heh